Changing Permissions on multiple folders for different users easily.

What happened is someone changed the security under all the user profile folders to "everyone" with full permissions and no one else.

These are user folders and the problem is everyone can get into everyone elses data.

What I was hoping is to have a script that would add the user to the folder with full permissions, add administrator with full permissions, and remove everyone.

Anyway to do this easily without having to change them by hand one at a time. Their is 3600 users on this server so we need another option.

Also the folder name is the users name who owns it.
RoginskyAsked:
Who is Participating?
 
oBdAConnect With a Mentor Commented:
The following batch script will walk through the folders and change the permissions; it adds the System account as well.

@echo off
setlocal
:: *** Path to the home folder root:
set HomeRoot=\\SomeServer\Home
for /d %%a in ("%HomeRoot%\*.*") do (
  ECHO xcacls "%%a" /t /g %Userdomain%\%%~nxa:F Administrators:F System:F /y
)

It's currently in test mode, it will only display the cacls command it would otherwise run. To run it for real, remove the capitalized ECHO.
Try this with a dummy home share (just a share with some folders named like user accounts) first to check if it works correctly. If that proves successful, run it against the real home folder.
0
 
RoginskyAuthor Commented:
This still won't help me to add the user to have full permissions.

Example if the user name is 10001a then the folder's name is 10001a so I just need that user to have permissions to that folder.

Also it didn't work on the test folders I setup. They still only have "Everyone" and no other groups.
0
 
oBdACommented:
Yes, and that's what this script should do. Did you see the remark about the test mode and removing the ECHO to run it for real? With the ECHO in it, it should just list the xcacls commands it would otherwise run.
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
RoginskyAuthor Commented:
Yes I did read what was posted.
0
 
oBdACommented:
Well, what happened? Any error messages?
0
 
RoginskyAuthor Commented:
I get the popup that I am not using cscript engine to run the command. and nothing happens.

I just now add cscript where ECHO use to be.

I get this error.

Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

Input Error: There is no file extension in "C:\xcacls".
0
 
oBdACommented:
That's a batch script; you need to save it as whatever.cmd, not whatever.vbs.
0
 
RoginskyAuthor Commented:
I edited the file and it works. It was getting an error with the /y option it says no such option.

here is what worked seems to work. it added the correct permissions how I wanted it.

@echo off
setlocal
:: *** Path to the home folder root:
set HomeRoot=\\siena\test
for /d %%a in ("%HomeRoot%\*.*") do (
cscript xcacls.vbs "%%a" /t /g %Userdomain%\%%~nxa:F Administrators:F users:F
  )
0
 
RoginskyAuthor Commented:
and yes I know I saved it as .bat

it wanted the .vbs after xcacls
0
 
oBdACommented:
Sorry, forgot that xcacls is an extra download; check here:
Windows 2000 Resource Kit Tool: Xcacls.exe
http://www.microsoft.com/downloads/details.aspx?FamilyID=7a3e2241-d7d0-42b6-b86e-6eda88726c01&displaylang=en

Otherwise,
echo y| cacls.exe "%%a" /t /g %Userdomain%\%%~nxa:F Administrators:F users:F
should do the trick, too.
0
 
RoginskyAuthor Commented:
Yeah I have xcacls and the echo y didn't work I just used what I put three responses up
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.